Connect Akto with Cloudflare

Cloudflare is a global network security platform that provides CDN, DDoS protection, and API security services. Integrating Cloudflare with Akto will enable automatic discovery and security testing of all APIs passing through your Cloudflare infrastructure, helping you maintain continuous visibility and protection of your edge-distributed APIs.

To connect Akto with Cloudflare, follow these steps -

Step 1: Deploy the Akto Data-Ingestion Service

Step 2: Set Up Your Cloudflare Worker Script

Go to Workers & Pages.
Click Create and choose Worker.
Click the Hello World button and deploy it.
Click Edit code and replace the default script with the following example:

export default {
  async fetch(request, env, ctx) {
    const requestClone = request.clone();
    const backendResponse = await fetch(request);

    try {
      const requestBody = await requestClone.text();
      
      const responseClone = backendResponse.clone();
      const responseBody = await responseClone.text();
      
      ctx.waitUntil(sendToAkto(request, requestBody, backendResponse, responseBody, env));
    } catch (error) {
      console.error("Error while processing original request or response: ", error)
    }

    return backendResponse;
  },
};

async function sendToAkto(request, requestBody, response, responseBody, env) {
  const aktoAPI = "https://<your-ingestion-service-address>/api/ingestData"; // Replace with your deployed ingestion endpoint

  const logs = generateLog(request, requestBody, response, responseBody);

  const aktoRequest = new Request(aktoAPI, {
    method: "POST",
    body: logs,
    headers: {
      "Content-Type": "application/json",
    },
  });

  const aktoResponse = await fetch(aktoRequest);

  if(aktoResponse.status === 400) {
    console.error(`Akto response: ${aktoResponse.status} ${aktoResponse.statusText}, Body: ${await aktoResponse.text()}`);
  }
}

function generateLog(req, requestBody, res, responseBody) {
  const url = new URL(req.url);
  const path = url.pathname;
  const value = {
    path: path,
    requestHeaders: JSON.stringify(Object.fromEntries(req.headers)),
    responseHeaders: JSON.stringify(Object.fromEntries(res.headers)),
    method: req.method,
    requestPayload: requestBody,
    responsePayload: responseBody,
    ip: req.headers.get('x-forwarded-for') || req.headers.get('cf-connecting-ip') || req.headers.get('x-real-ip') || '',
    time: Math.round(Date.now() / 1000).toString(),
    statusCode: res.status.toString(),
    type: "HTTP/1.1",
    status: res.statusText,
    akto_account_id: "1000000",
    akto_vxlan_id: "0",
    is_pending: "false",
    source: "MIRRORING"
  };

  return JSON.stringify({"batchData": [value]});
}

Step 3: Configure Worker Routing

If you'd like to route specific domains or paths through this Worker:

In the Cloudflare Dashboard, go to Workers & Pages.
Under Overview, select your Worker.
Navigate to Settings > Domains & Routes.
Click Add Route.
Select the appropriate zone (domain), and enter a route pattern such as:
```
*.yourdomain.com/*
```

This ensures all traffic matching the route is intercepted and mirrored to Akto.

Step 4: Verify the Setup

Confirm that API traffic data (requests and responses) are captured on the Akto dashboard under the respective api collection.
Check logs of your Lambda function for any initialization messages from the extension.
Navigate to Api Collections > Hostname.
You should start seeing the traffic from your Cloudflare Worker.

Get Support for your Akto setup

There are multiple ways to request support from Akto. We are 24X7 available on the following:

In-app intercom support. Message us with your query on intercom in Akto dashboard and someone will reply.
Contact help@akto.io for email support.

PreviousConnect Akto with Kong Mesh NextConnect Akto with IBM Connect

Last updated 7 days ago

Was this helpful?